Regional privacy disclosures

Fanelle · Android client distributed on Google Play · Policy refreshed 2026-05-11

Controller: CHEN RIHY TRADING LIMITED, Rm 701, Unit 108, 7/F, Twr B, New Mandarin Plaza, 14 Science Museum Rd, Tsim Sha Tsui, Hong Kong

General privacy contact: support@chenrihytrading.com

Data Protection Officer: Chen Rihong — dpo@chenrihytrading.com

California notice (CCPA / CPRA)

If you reside in California, the California Consumer Privacy Act as amended by the California Privacy Rights Act (Cal. Civ. Code §§ 1798.100 et seq.) may afford you rights to know what personal information is collected, to delete or correct certain information, and to opt out of “sale” or “sharing” as defined in California law, including certain disclosures to third parties for cross-context behavioral advertising even absent monetary consideration.

Personal information categories processed for this app align with: audio/video call content; chat content and attachments; electronic network activity-style diagnostics; customer records inferred from voluntary safety submissions; and identifiers embedded in diagnostics. We do not sell personal information and do not use personal information for cross-context behavioral advertising in connection with this app.

How to submit a request: Email support@chenrihytrading.com with the subject line “California Privacy Request.” Include enough detail for us to verify and locate records. We aim to respond within fifteen business days absent exceptional complexity.

Authorized agents: California permits use of an authorized agent; we may require signed permission and direct verification.

Virginia notice (VCDPA)

Virginia consumers may exercise rights regarding confirmation, access, deletion, portability, correction, and opt-out of targeted advertising, sale of personal data, and certain profiling under Va. Code §§ 59.1-575 et seq.

We do not sell personal data for this app and do not conduct targeted advertising as defined in the VCDPA. If you disagree with our characterization, email support@chenrihytrading.com with subject “Virginia Sale Opt-Out” or “Virginia Targeted Advertising Opt-Out.” For profiling questions, use “Virginia Profiling Inquiry.”

Colorado, Connecticut, Utah, Texas — quick reference

Residents of states with comprehensive privacy statutes may have analogous rights. Use the same mailbox; label your state in the first line of the body. We respond within statutory windows and use fifteen business days as an operational target when statutes permit.

Other U.S. states — general approach

We extend reasonable access and deletion practices to residents outside named states when feasible and lawful, without creating new substantive rights where none exist.

EEA / United Kingdom notice (GDPR / UK GDPR)

Articles 13–14 transparency: the controller is identified above. Purposes include service delivery, integrity, analytics, and safety. Legal bases: contract/pre-contract measures for communications content; legitimate interests balanced for diagnostics and fraud prevention; legal obligation where compelled; consent where presented separately.

Articles 15–22 rights may be exercised via support@chenrihytrading.com. Article 77 complaints may be filed with your local supervisory authority.

Articles 44–49 transfers: SCCs and UK IDTA modules where required.

Brazil (LGPD) — brief statement

If Brazilian law applies extraterritorially, you may contact the same privacy address for rights under Lei 13.709/2018, subject to verification.

Categories mapped to each regime

Call media, chat payloads, diagnostics (including device-scoped correlators inside telemetry), and voluntary safety submissions map across regimes under different labels but the same factual processing.

Retention by regime

Statutes rarely prescribe exact TTLs; we apply category schedules described in our global retention statement: short tails for live routing data, rolling windows for diagnostics, flexible holds for investigations.

Cross-border mechanisms (recap)

Standard contractual clauses and UK equivalents supplement adequacy where hosting regions differ from your residence.

Android permissions & “Device ID” disclosure

Fanelle is a night-time AI companion offering voice-based conversation with characters. State and federal disclosures aside, the permission inventory is narrow and surface-bound. Each constant below is requested only at the gesture identified:

Fanelle does not request gallery-write, contacts, location, calendar, SMS, or call-log permissions. Device-identifier-class tokens (sometimes labelled “Device ID” in Google Play questionnaires) may ride inside crash and analytics events strictly for crash dedupe and fraud clustering; they are not sold and not used for cross-context behavioural advertising.

Children

Not directed to under-18 users; age screen only.

Supplement: California “share” language vs. this document

When California uses “share” narrowly for certain advertising disclosures, nothing in this document is intended to admit such sharing for this app; the standalone opt-out channels remain available.

Operational contact

All paths converge on support@chenrihytrading.com with copy to DPO where appropriate.

No registration or login exists for this build; no in-app digital purchases. Runtime permission reality must match shipped binaries and Play Console Data safety.